Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/IhIKY6QhTtqzoh2xaSA_lDwLCnE.roa
File: IhIKY6QhTtqzoh2xaSA_lDwLCnE.roa (raw, json)
Hash identifier: T0tLwCThf/vG+VkzPANOPczotnU62ZBKMhxLAWBb4aU=
Subject key identifier: 22:12:0A:63:A4:21:4E:DA:B3:A2:1D:B1:69:20:3F:94:3C:0B:0A:71
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0199C2533B8A55B33E5CEBA1FDD1CAF2E78A
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/IhIKY6QhTtqzoh2xaSA_lDwLCnE.roa
Signing time: Wed 08 Oct 2025 05:37:38 +0000
ROA not before: Wed 08 Oct 2025 05:37:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201776
IP address blocks: 2.63.144.0/20 maxlen: 20
2.63.158.0/24 maxlen: 24
2.63.159.0/24 maxlen: 24
2.63.176.0/20 maxlen: 20
2.63.224.0/20 maxlen: 20
2.63.225.0/24 maxlen: 24
46.61.150.0/24 maxlen: 24
46.61.245.0/24 maxlen: 24
84.42.92.0/24 maxlen: 24
84.42.93.0/24 maxlen: 24
84.42.94.0/24 maxlen: 24
84.42.95.0/24 maxlen: 24
85.174.144.0/20 maxlen: 24
92.50.204.0/23 maxlen: 23
92.50.204.0/24 maxlen: 24
92.50.205.0/24 maxlen: 24
176.119.169.0/24 maxlen: 24
176.119.170.0/24 maxlen: 24
176.119.171.0/24 maxlen: 24
176.119.172.0/24 maxlen: 24
176.208.74.0/24 maxlen: 24
176.211.120.0/22 maxlen: 22
188.128.76.0/23 maxlen: 24
188.128.76.0/24 maxlen: 24
188.128.77.0/24 maxlen: 24
188.254.122.0/23 maxlen: 24
188.254.122.0/24 maxlen: 24
188.254.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c2:53:3b:8a:55:b3:3e:5c:eb:a1:fd:d1:ca:f2:e7:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Oct 8 05:37:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22120a63a4214edab3a21db169203f943c0b0a71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:15:3d:ac:82:19:1a:f5:b5:7e:f9:92:e8:47:
a3:a5:ea:bd:0e:12:4a:8a:2c:43:28:66:0f:73:62:
42:8d:93:4c:75:3a:73:96:07:37:f6:23:17:51:82:
2d:9c:0e:08:38:05:50:13:86:d4:55:4c:4c:b5:ae:
90:ed:8f:f8:5e:0f:75:e4:15:b0:64:a8:5c:00:5c:
01:cc:88:79:eb:63:93:24:ad:37:a2:44:f7:49:35:
bf:81:d2:01:67:27:e5:8d:80:0a:63:b4:35:30:15:
1a:34:b9:b7:65:9c:ab:85:3b:a4:fc:dc:cc:7a:ab:
b8:f8:ec:a8:bb:2b:43:18:ba:08:79:53:14:82:2b:
2f:13:24:ac:95:7a:1f:e8:d5:ce:17:01:9a:0f:1c:
2b:bf:67:56:25:4b:71:1c:26:c3:d5:50:12:29:be:
e9:01:e1:39:00:e3:c3:97:86:d3:ac:9e:6e:49:ee:
a2:1d:58:02:d2:c9:5f:dd:05:e5:a9:2f:4d:7c:4e:
b3:d1:83:a4:4a:3f:95:99:40:be:4f:93:23:3e:95:
13:ce:01:55:49:4c:ee:b0:3e:b2:59:96:93:2a:17:
94:57:cc:67:22:3e:7b:8a:8f:35:71:93:fa:86:ee:
b0:5e:ff:99:9f:bb:02:f0:3d:c1:3c:fd:e2:bf:56:
dd:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:12:0A:63:A4:21:4E:DA:B3:A2:1D:B1:69:20:3F:94:3C:0B:0A:71
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/IhIKY6QhTtqzoh2xaSA_lDwLCnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.63.144.0/20
2.63.176.0/20
2.63.224.0/20
46.61.150.0/24
46.61.245.0/24
84.42.92.0/22
85.174.144.0/20
92.50.204.0/23
176.119.169.0-176.119.172.255
176.208.74.0/24
176.211.120.0/22
188.128.76.0/23
188.254.122.0/23
Signature Algorithm: sha256WithRSAEncryption
29:65:43:09:6c:23:ca:7c:85:67:df:a1:6a:d5:a5:3f:79:2a:
21:c2:97:75:1a:4c:30:35:77:e2:b1:f2:94:77:c1:88:60:a2:
a7:97:85:92:d4:5d:05:77:2d:c9:36:8e:c3:da:ed:f3:2e:a1:
15:f3:d2:8f:6b:8b:f7:5a:e8:1e:c5:a7:e6:0c:ea:29:73:66:
ec:3b:e6:b1:d3:be:55:60:45:03:98:d8:9b:f1:bc:b1:61:3a:
2c:31:4b:15:fb:a8:75:a4:5c:84:50:fe:05:b6:ea:aa:fc:06:
a0:b7:bc:17:75:55:c7:26:63:81:40:ab:62:c4:bf:58:23:a1:
71:49:1f:96:e3:69:f4:e9:9a:53:c5:fa:12:62:86:d2:75:13:
67:f3:91:67:cc:c9:34:3f:1b:8f:ec:8f:a5:ec:c1:a4:21:d9:
d5:93:ea:ff:c1:b4:dd:ed:92:23:c5:7a:b9:88:8e:29:67:02:
4d:28:d8:ac:70:a1:2b:70:9e:2c:68:cd:c5:f9:3e:f7:df:53:
d4:7a:07:b3:c1:17:1f:a6:26:c1:cb:37:62:47:2b:61:89:38:
e8:1d:4a:29:f9:29:47:86:6f:1f:3e:24:83:fb:5c:4a:ee:6c:
58:bd:6e:df:73:41:c6:10:a4:bc:4b:54:63:62:1d:41:e1:cb:
71:03:4b:d3
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZnCUzuKVbM+XOuh/dHK8ueKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUxMDA4MDUzNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjEyMGE2M2E0MjE0ZWRhYjNhMjFkYjE2OTIwM2Y5NDNjMGIwYTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBU9rIIZGvW1fvmS6Eejpeq9DhJK
iixDKGYPc2JCjZNMdTpzlgc39iMXUYItnA4IOAVQE4bUVUxMta6Q7Y/4Xg915BWw
ZKhcAFwBzIh562OTJK03okT3STW/gdIBZyfljYAKY7Q1MBUaNLm3ZZyrhTuk/NzM
equ4+OyouytDGLoIeVMUgisvEySslXof6NXOFwGaDxwrv2dWJUtxHCbD1VASKb7p
AeE5AOPDl4bTrJ5uSe6iHVgC0slf3QXlqS9NfE6z0YOkSj+VmUC+T5MjPpUTzgFV
SUzusD6yWZaTKheUV8xnIj57io81cZP6hu6wXv+Zn7sC8D3BPP3iv1bdgQIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFCISCmOkIU7as6IdsWkgP5Q8CwpxMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvSWhJS1k2UWhUdHF6b2gyeGFTQV9sRHdMQ25FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQEAj+QAwQE
Aj+wAwQEAj/gAwQALj2WAwQALj31AwQCVCpcAwQEVa6QAwQBXDLMMAwDBACwd6kD
BACwd6wDBACw0EoDBAKw03gDBAG8gEwDBAG8/nowDQYJKoZIhvcNAQELBQADggEB
ACllQwlsI8p8hWffoWrVpT95KiHCl3UaTDA1d+Kx8pR3wYhgoqeXhZLUXQV3Lck2
jsPa7fMuoRXz0o9ri/da6B7Fp+YM6ilzZuw75rHTvlVgRQOY2JvxvLFhOiwxSxX7
qHWkXIRQ/gW26qr8BqC3vBd1VccmY4FAq2LEv1gjoXFJH5bjafTpmlPF+hJihtJ1
E2fzkWfMyTQ/G4/sj6XswaQh2dWT6v/BtN3tkiPFermIjilnAk0o2KxwoStwnixo
zcX5PvffU9R6B7PBFx+mJsHLN2JHK2GJOOgdSin5KUeGbx8+JIP7XErubFi9bt9z
QcYQpLxLVGNiHUHhy3EDS9M=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:46:41 2025 by rpki-client